Talk:BIP 0039

From Bitcoin Wiki
Revision as of 15:06, 26 October 2013 by ThomasV (talk | contribs) (adding my signature)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Here is a simple implementation of my proposal to 'mine' for a seed: 

from electrum import mnemonic
import ecdsa
import time
import hmac
import hashlib

PREFIX = "100"
n = len(PREFIX)
entropy = ecdsa.util.randrange( pow(2,160) )
nonce = 0

while True:
  ss = "%040x"%(entropy+nonce)
  s = hashlib.sha256(ss.decode('hex')).digest().encode('hex')
  words = mnemonic.mn_encode(s)[0:13] # 13 random words                                                                                                                          
  seed = ' '.join(words)
  I = hmac.new("Bitcoin mnemonic", seed, hashlib.sha512).digest().encode('hex')
  if I[0:n] == PREFIX:
    break
  nonce += 1

print seed
print I

PREFIX contains metadata about the wallet version.

The first 4 or 12 bits of PREFIX encode the length of the metadata (0 to e, f00 to fff)

The length of the metadata in bits is 4*(n+1) where n is the value that is encoded in the first bits.

The format of the metadata itself remains to be defined.

The most compact way to use it is probably to allocate version numbers.

Examples:

  • 00 to 0f : length = 4 bits. 16 possible version numbers
  • 100 to 1ff : length = 8 bits. 256 possible version numbers. (00 is used for Electrum's wallet structure)
  • 2000 to 2fff
  • etc.

ThomasV (talk) 15:06, 26 October 2013 (GMT)

Retrieved from "https://en.bitcoin.it/w/index.php?title=Talk:BIP_0039&oldid=41972"